10-07-2015 10:42 AM
Hey all - I am currently running a ASA 5525X in multiple context mode. I will be standing down one of the contexts in the near future. The plan is to extract the running-config of that context and apply it to a ASA 5505. It appears that you are unable to run "more system:running-config" when the firewall is a context. I need to run this command since we did not document the pre-shared keys in the running-config. Has anyone else run up against this issue?
10-07-2015 10:49 AM
can you try running the same by going inside a context?
10-07-2015 11:11 AM
I connect to the firewall (context) named "vpn" via the mgmt IP of that firewall. Once connected I am unable to run the command "more system:running-config". The output below shows that I am connected to the context named "vpn" and am running the command from there.
fw-xyz-ent/vpn#
fw-xyz-ent/vpn# more system:running-config
^
ERROR: % Invalid input detected at '^' marker.
fw-xyz-ent/vpn#
- thanks
10-09-2015 08:05 AM
I found the fix here:
http://www.bodiddely.com/cisco-asa-view-cleartext-ipsec-pre-shared-key/
02-18-2020 03:43 AM
Hi Gneal,
Can you please let me know what the fix was?
I too have multiple contexts and unable to view the preshared keys in each context.
The URL you have posted is no longer accessible.
Please help.
02-19-2020 04:59 AM - edited 02-19-2020 05:02 AM
You can view your "vpn" context complete configs including PSK's from system context using command “more disk0:/vpn.cfg”.
Make sure you are executing it from system context or first “changeto context system”
- Muhammad Zahid
02-20-2020 01:33 AM
Hi Muhammad,
Thank you for the reply. But my issue is complicated than this.
The issue is I can't access my disk due to the following bug.
Bug : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuw95262/
So my intention is to take a copy of the running config of each context (With the pre-shared keys in clear text) before I tackle this issue. (I am planning on upgrading the firmware / rebooting the ASA at a later point). So, since I can't save any configs, I want to take a copy of the running config of each context in clear text.
Any advice on this?
02-21-2020 07:10 AM
Use "Solarwinds Kiwi CatTools" to back your configurations; backup need to setup using SNMP and this tool generate backup configs files with PSKs in plain text.
-- Muhammad Zahid
02-24-2020 01:24 AM
Hi Muhammad,
Thank you very much for the idea.
I will try and see how this goes.
Cheers
02-25-2020 09:13 AM
Hi Guys,
After many hours of troubleshooting, the only way I found was to export the config of each context to a tftp server.
This exported the running config in clear text (including pre shared keys)
Hope this helps.
Thanks
06-17-2020 05:30 PM
Hi @gneal
more system:running-config run command on both single as well multiple context mode. You just need to understand how it will work on multiple context mode. I have run and tested this command in multiple context. The command is here:
Changeto system
# more disk0:/<context_name>.cfg
# more disk0:/<context_name>.cfg | i pre-sh
# more disk0:/<context_name>.cfg | i snmp
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide